Tag: Weak Ciphers
Problems related to weak ciphers, such as RC4, DES, or MD5
| ID | Title | Description | Category | Technology | Tags |
|---|---|---|---|---|---|
| CRE-2025-0044 High Impact: 9/10 Mitigation: 1/10 | NGINX Config Uses Insecure TLS Ciphers | Detects NGINX configuration files that advertise obsolete and cryptographically weak ciphers (RC4-MD5, RC4-SHA, DES-CBC3-SHA). These ciphers are vulnerable to several well-known attacks—including BEAST, BAR-Mitzvah, Lucky-13, and statistical biases in RC4—placing any client–server communication at risk of interception or tampering. | Insecure Configuration | nginx | NginxWeak CiphersSecurityConfigurationTLSKnown IssuePublic |